package com.fpost.security;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter implements Filter {

	private FilterConfig config = null;

	public void init(FilterConfig config) throws ServletException {
		this.config = config;
	}

	public void destroy() {
		config = null;
	}

	@Override
	public void doFilter(ServletRequest arg0, ServletResponse arg1,
			FilterChain arg2) throws IOException, ServletException {
		// TODO Auto-generated method stub
		
	}

//	public void doFilter(HttpServletRequest request, HttpServletResponse response,
//			FilterChain chain) throws IOException, ServletException {
//
//		HttpSession session = request.getSession();
//		// Get the user's security profile of the user from the session
//		// If the session is invalid, redirect to some login/invalid page.
//		SecurityHelper userSecObj = session.getAttribute(SECURITY_PROFILE);
//
//		// Compare the current URI with the access associated with the access
//		// to that URI for the role using the userSecObj.
//		accessAllowed = userSecObj.isAccessAllowed(requestUri);
//		if (accessAllowed) {
//			// If the user is allowed access to the URI, let the flow proceed as
//			// normal
//			chain.doFilter(request, response);
//		} else {
//			// if the user is not allowed access, you can redirect him to an
//			// error page.
//			response.sendRedirect("AccessDenied.jsp");
//		}
//	}
}
